10 |
10 |
11 #HTTP Domains |
11 #HTTP Domains |
12 my $domain = 'ssl.schlittermann.de'; |
12 my $domain = 'ssl.schlittermann.de'; |
13 my $domain2 = 'torproject.org'; |
13 my $domain2 = 'torproject.org'; |
14 my $domain3 = 'freebsd.org'; |
14 my $domain3 = 'freebsd.org'; |
|
15 my $domain4 = 'bad-hash.dane.verisignlabs.com'; # The TLSA record for this server has an incorrect hash value, although it is correctly signed with DNSSEC |
15 |
16 |
16 #smtpdomains |
17 #smtpdomains |
17 my $sdomain = 'hh.schlittermann.de'; |
18 my $sdomain = 'hh.schlittermann.de'; |
18 |
19 |
19 |
20 |
20 #Test main() |
21 sub test_main() { |
|
22 my $test_main_default_port = Nagios::Check::DNS::check_tlsa_record::main(($domain)); |
|
23 like($test_main_default_port, qr(OK: .* is valid), 'main() ok with domain and default port 443'); |
21 |
24 |
22 sub test_main() { |
25 my $test_main_domain_and_port = Nagios::Check::DNS::check_tlsa_record::main(($sdomain, 25)); |
23 my $test_main_default_port = Nagios::Check::DNS::check_tlsa_record::main(($domain)); |
26 like($test_main_domain_and_port, qr(OK: .* is valid), 'main() ok with domain and port'); |
24 like($test_main_default_port, qr(OK: .* is valid), 'main() ok with domain and default port 443'); |
|
25 |
27 |
26 my $test_main_domain_and_port = Nagios::Check::DNS::check_tlsa_record::main(($sdomain, 25)); |
28 my $test_main_domain_port_protocol = Nagios::Check::DNS::check_tlsa_record::main(($domain3, 443, 'tcp')); |
27 like($test_main_domain_and_port, qr(OK: .* is valid), 'main() ok with domain and port'); |
29 like($test_main_domain_port_protocol, qr(OK: .* is valid), 'main() ok with domain, port and protocol'); |
28 |
30 |
29 my $test_main_domain_port_protocol = Nagios::Check::DNS::check_tlsa_record::main(($domain3, 443, 'tcp')); |
31 my $test_main_no_tlsa = Nagios::Check::DNS::check_tlsa_record::main(('google.com')); |
30 like($test_main_domain_port_protocol, qr(OK: .* is valid), 'main() ok with domain, port and protocol'); |
32 like($test_main_no_tlsa, qr(WARNING: .*), 'main() warning when no SSL-Certificate or no TLSA-Record/DANE is available'); |
31 |
33 |
32 my $test_main_no_tlsa = Nagios::Check::DNS::check_tlsa_record::main(($sdomain)); |
34 my $test_main_default_port2 = Nagios::Check::DNS::check_tlsa_record::main(($domain4)); |
33 like($test_main_no_tlsa, qr(WARNING: .*), 'main() warning when no SSL-Certificate is available or dig returns no tlsa'); |
35 like($test_main_default_port2, qr(CRITICAL: .* valid), 'main() critical when DANE not valid.'); |
34 |
|
35 my $test_main_default_port2 = Nagios::Check::DNS::check_tlsa_record::main(($domain2)); |
|
36 like($test_main_default_port2, qr(CRITICAL: .* valid), 'main() critical with domain and default port 443'); |
|
37 |
36 |
38 } |
37 } |
39 |
38 |
40 sub test_dig() { |
39 #sub test_dig() { |
41 |
40 |
42 #my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::dig_tlsa($domain, 25, 'tcp'); |
41 #my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::dig_tlsa($domain, 25, 'tcp'); |
43 my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::get_tlsa_from_dns($domain, 443); |
42 #my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::get_tlsa_from_dns($domain, 443); |
44 like($test_dig_tlsa, qr(^[0-3]{1}\s[01]{1}\s[0-2]{1}\s[A-F0-9]{56}\s[A-F0-9]{8}), 'dig_tlsa() returnd format looks like an valid answer to dig tlsa'); |
43 #like($test_dig_tlsa, qr(^[0-3]{1}\s[01]{1}\s[0-2]{1}\s[A-F0-9]{56}\s[A-F0-9]{8}), 'dig_tlsa() returnd format looks like an valid answer to dig tlsa'); |
45 |
44 |
46 } |
45 #} |
47 |
46 |
48 #test_main(); |
47 test_main(); |
49 test_dig(); |
48 #test_dig(); |
50 |
49 |
51 |
50 |
52 |
51 |
53 #@TODO write tests |
52 #@TODO write tests |
54 #my $return2 = Nagios::Check::DNS::check_tlsa_record::dig_tlsa(qw(hh.schlittermann.de 25 udp)); |
53 #my $return2 = Nagios::Check::DNS::check_tlsa_record::dig_tlsa(qw(hh.schlittermann.de 25 udp)); |